package login;

import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.*;  

import db.AbstractDbRequest;
import db.AbstractDbResponse;

public class LoginMachine extends db.AbstractDAO {

	public LoginMachine() throws ClassNotFoundException, SQLException {
		super();
	}

	@Override
	public AbstractDbResponse execute(AbstractDbRequest dbRequest) {
		return null;
	}
	
	
	//authenticates the user's login credentials. 
	public int processLogin(String username, String password) throws SQLException {
		
    	String query = new String();
        Statement s = conn.createStatement();
        query = "select u.userid, u.password, u.accounttype from useraccount u where u.userid = '" + username +"'";
        
        String rUsername = null; 
        String rPassword = null; 
        
        ResultSet r = null;  
        
        //searches for username/password in database. 
        try {
        	r = s.executeQuery(query);
        	r.next(); 
            rUsername = r.getString(1); 
            rPassword = r.getString(2);	
        }
        catch (SQLException e) {
        	r.close(); 
        	s.close(); 
        	conn.close(); 
        	return 0; 
        }
        
        //validates user name and password. Returns 0 if verification fails
        //1 if account type is manager, and 2 if customer. 
        if (rUsername.equals(username) && rPassword.equals(password)) {
        	String rAcctType = r.getString(3);
        	r.close(); 
        	s.close(); 
        	conn.close(); 
        	 
        	if (rAcctType.equals("Manager"))
        		return 1; 
        	else if (rAcctType.equals("Customer"))
        		return 2; 
        	else
        		return 0; 
        }
        else {
        	r.close(); 
        	s.close();
        	conn.close(); 
        	return 0; 
        }
	}
	
	//creates a new user account. 
	public int processNewAccount(String username, String email, String password, String firstname, String lastname, String contactnum, String accountType) throws SQLException {
		
        try {
        	String query = new String();
			Statement s = conn.createStatement();
			query = "insert into useraccount u values ('" + username + "', '" + email + "', '" + password + "', '" + firstname + "', '" + lastname + "', '" + contactnum + "', '" + accountType +"')";
			s.executeQuery(query);
			s.close(); 
			conn.close(); 
			return 1; 
        } catch (SQLException e) {
        	conn.close(); 
			return 0;
		}
        
	}
	
	//updates a current account. 
	//public int updateAccount(String username, String email, String password, String firstname, String lastname, String contactnum, String accountType) throws SQLException {
	public String updateAccount(String username, String email, String password, String firstname, String lastname, String contactnum, String accountType) throws SQLException {
		
        try {
        	String query = new String();
			Statement s = conn.createStatement();
			query = "update useraccount u set email = \'" + email + "\', password = \'" + password + "\', firstname = \'" + firstname + "\', lastname = \'" + lastname + "\', contactnum =\'" + contactnum + "\', accounttype = \'" + accountType +"\' where u.userid = \'" + username + "\'";
			s.executeQuery(query);
			s.close(); 
			conn.close(); 
			return "Passed"; 
        } catch (SQLException e) {
        	conn.close(); 
			return e.toString(); 
		}
        
	}
	
	public ArrayList<String> getUserData(String username) throws SQLException {
		
		ArrayList<String> results = new ArrayList<String>();  
		String query = new String();
        Statement s = conn.createStatement();
        query = "select *  from useraccount u where u.userid = '" + username +"'";
       
        ResultSet r = null;  
        
        //searches for username/password in database. 
        try {
        	r = s.executeQuery(query);
        	r.next();
        	results.add(r.getString(1)); //userid
        	results.add(r.getString(2)); //email
        	results.add(r.getString(3)); //password
        	results.add(r.getString(4)); //firstname
        	results.add(r.getString(5)); //lastname
        	results.add(r.getString(6)); //contactnum
        	results.add(r.getString(7)); //account type
        	r.close(); 
        	s.close();
        	conn.close(); 
        	return results; 
        	
        }
        catch (SQLException e) {
        	r.close(); 
        	s.close(); 
        	conn.close(); 
        	return null;  
        }
	}
	
	public void closeConnection() {
		try {
			conn.close();
		} catch (SQLException e) {} 
	}
	
}
